<?php
if(isset($_POST['firstname']))
{
    $db = new Database();
    $auth = Auth::getAuth('current_user');
    
    $userID = $auth['userID'];
    $firstname = $_POST['firstname'];
    $lastname = $_POST['lastname'];
    $location = $_POST['location'];
    if(checkstrname($firstname) == 0 || checkstrname($lastname) == 0){
        echo 0; //!important for validating the callback to javascript
    }else{
        $user = $db->query("UPDATE users SET Firstname='$firstname',Lastname='$lastname',UserLocation='$location' WHERE userID='$userID'","update");
        $login = $db->query("SELECT userID,Firstname,Lastname,UserType,UserDept,UserLocation
                                    FROM users
                                    WHERE userID={$db->escape($userID)} ","row");
        Auth::setAuth('current_user',$login);
        echo 1; //!important for validating the callback to javascript
    }
}
exit;